20/100 Configure Nginx & PHP-FPM Using Unix Sock
The Nautilus application development team is planning to launch a new PHP-based application, which they want to deploy on Nautilus infra in Stratos DC. The development team had a meeting with the production support team and they have shared some requirements regarding the infrastructure. Below are the requirements they shared:
1. Install nginx on app server 2 , configure it to use port 8096 and its document root should be /var/www/html.
2. Install php-fpm version 8.2 on app server 2, it must use the unix socket /var/run/php-fpm/default.sock (create the parent directories if don't exist).
3. Configure php-fpm and nginx to work together.
4. Once configured correctly, you can test the website using curl http://stapp02:8096/index.php command from jump host.
NOTE: We have copied two files, index.php and info.php, under /var/www/html as part of the PHP-based application setup. Please do not modify these files.
sudo steve@stapp02
sudo su -
yum install nginx -y
vi /etc/ngxin/nginx.conf
# Modify the nginx.conf to match the port and root path as above
server {
listen 8096;
listen [::]:8096;
server_name _;
root /var/www/html;
index index.php index.html; <-- define both php and html
esc
:wq
systemctl restart nginx
# Install php-fpm v8.2
dnf install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm
dnf module reset php -y <- reset existing module streams
dnf module enable php:remi-8.2 -y <- enable ver 8.2
dnf install -y php-fpm php-cli php-mysqlnd php-pgsql php-gd php-xml php-mbstring php-curl php-zip php-bcmath <- Install php fpm and extenions
php -v <- determine correct version is now installed
PHP 8.2.29 (cli) (built: Jul 1 2025 16:29:21) (NTS gcc x86_64)
#Configure php-fpm
vi /etc/php-fpm.d/www.conf
#Change the user value:
user = apache <- original
user = nginx <- new config
#Change the group value:
group = apache <- original
group = nginx <- new config
#Change the listen value:
listen = /run/php-fpm/www.sock <- original
listen = /var/run/php-fpm/default.sock <- new config
esc
:wq
#Configure nginx to use php-fpm
vi /etc/nginx/nginx.conf
# Add the following just under the server section
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/default.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
esc
:wq
#restart both nginx and php-fpm
systemctl restart nginx
systemctl restart php-fpm
# See longer explantion below
ls -l /var/run/php-fpm/default.sock
srw-rw----+ 1 root root 0 Sep 12 11:25 /var/run/php-fpm/default.sock
chown -R nginx:nginx /var/run/php-fpm/default.sock
ls -l /var/run/php-fpm/default.sock
srw-rw----+ 1 nginx nginx 0 Sep 12 11:25 /var/run/php-fpm/default.sock
#Back on the jump host
curl http://stapp02:8096/index.php
Welcome to xFusionCorp Industries
Explanation:
ls -l /var/run/php-fpm/default.sock
srw-rw----+ 1 root root 0 Sep 12 11:25 /var/run/php-fpm/default.sock
chown -R nginx:nginx /var/run/php-fpm/default.sock
ls -l /var/run/php-fpm/default.sock
srw-rw----+ 1 nginx nginx 0 Sep 12 11:25 /var/run/php-fpm/default.sockThe PHP-FPM socket /var/run/php-fpm/default.sock is owned by root:root, so Nginx can’t connect to it. Running chown will fix it only until the next restart of PHP-FPM — then it’ll revert back to root:root. Do to this return to the /etc/php-fpm.d/www.conf file and set permissions and ownership of the socket:
#Set permissions and ownership of the socket
listen = /var/run/php-fpm/default.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660Ensure you restart php-fpm - systemctl restart php-fpm